CTPERF

Reports on the performance of PKCS #11 cryptographic operations.

NOTE   This performance measurement is application-dependent, therefore the results are indicative only.

Syntax

ctperf [–h] [–b<bytes>] [–c] [–C<curve_name] [–e] [–i<count>] [–k] [–m<bits>] [–n<mechanism>] [–o<mechanism>] [–p] [–q] [–r] [–R] [–s<slot>] [t<seconds>] [–v] [–x] [–z<name>]

Options

Option

Description

–b<bytes>

––block–size=<bytes>

Specify the block size to use for the symmetric cipher tests. For example, –b8 specifies 8 bytes, –b8k specifies 8 kilobytes.  Default size is 4 kilobytes.
–c ––strict

Strict PKCS #11.

–C<curve_name>

––curve–name=<label>

Specifies which curve to use. Valid values are:

>P-192 (also known as prime 192v1 and secp192r1)

>P-224 (also known as secp224r1)

>P-256 (also known as prime 256v1 and secp256r1)

>P-384 (also known as secp384r1)

>P-521 (also known as secp521r1)

>c2nb191v1

>c2tnb191v1e

>or any valid Domain Parameters object label

If a curve name is not specified, the default P-192 is used.
–e ––EMC

Runs tests suitable for EMC testing purposes.

–h,–?

 ––help

Display usage information.

–i<count>

––iterations=<count>

The number of iterations of the performance tests to run.  Default is 1, use –1 to specify an infinite count.
–k

––keygen

Generation random keys (default uses fixed keys).

–m<bits>

––modulus=<bits>

Modulus bit length.

–n<mechanism>

––exc–mechanism=<mechanism>

Mechanisms to exclude from the test. This option may be repeated with additional mechanisms to specify more than one. See the –o option for a list of mechanisms. Default is no mechanisms.

–o<mechanism>

––inc–mechanism=<mechanism>

Mechanisms to include in the test. This option may be repeated with additional mechanisms to specify more than one. Default is all mechanisms. (For details and a listing of SafeNet ProtectToolkit-C supported mechanisms please refer to the SafeNet ProtectToolkit-C Programmer's Guide.)

The following mechanism tests are supported:

–o sha1

 SHA-1 mechanism

–o sha224

 SHA-224 mechanism

–o sha256

 SHA-256 mechanism

–o sha384

 SHA-384 mechanism

–o sha512

 SHA-512 mechanism

–o md

 all Message Digest mechanisms

–o md5

 MD-5 mechanism

–o rmd128

 RMD-128 mechanism

–o rmd160

 RMD-160 mechanism

–o aes

 all AES mechanisms

–o aes_ecb

 AES ECB mechanism

–o aes_cbc

 AES CBC mechanism

–o aes_mac

 AES MAC mechanism

–o des_all

 all DES mechanisms

–o des_ecb64

 DES ECB with fixed buffer size of 54 bytes

–o des

 all single DES mechanisms

–o des_ecb

 single DES-ECB mechanism

–o des_cbc

 single DES-CBC mechanism

–o des_mac

 single DES-MAC mechanism

–o des3

 all triple-DES mechanisms

–o des3_ecb

 triple DES-ECB mechanism

–o des3_ecb64

 triple DES-ECB mechanism with fixed length 64 byte buffer

–o des3_cbc

 triple DES-CBC mechanism

–o des3_mac

 triple DES-MAC mechanism

–o idea

 all IDEA mechanisms

–o idea_ecb

 IDEA-ECB mechanism

–o idea_cbc

 IDEA-CBC mechanism

–o idea_mac

 IDEA-MAC mechanism

–o cast

 all CAST mechanisms

–o cast_ecb

 CAST ECB mechanism

–o cast_cbc

 CAST CBC mechanism

–o cast_mac

 CAST MAC mechanism

–o seed

 all SEED mechanisms

–o seed_ecb

 SEED ECB mechanism

–o seed_cbc

 SEED CBC mechanism

–o seed_mac

 SEED MAC mechanism

–o rc2

 all RC2 mechanisms

–o rc2_ecb

 RC2-ECB mechanism

–o rc2_cbc

 RC2-CBC mechanism

–o rc4

 RC4 mechanism

–o rsa_kg

 RSA PKCS key generation mechanism

–o rsa_kg_x931

 RSA C931 key generation mechanism

–o rsa

 most RSA mechanisms

–o rsa_raw_enc

 basic RSA public key transform

–o rsa_pkcs_enc

 RSA public key enc with PKCS padding

–o rsa_pkcs_ver

 RSA private key verify with PKCS padding

–o rsa_raw_dec

 basic RSA private key transform

–o rsa_pkcs_dec

 RSA private key decrypt with PKCS padding

–o rsa_9796_sign

 RSA sign with ISO9796 padding

–o rsa_raw_dec_crt

 RSA private key primitive with CRT key

–o rsa_9796_sign_crt

 RSA ISO9796 sign, CRT key

–o rsa_ncrt

 all RSA mechanisms using non CRT keys

–o dsa_kg

 all DSA key generation mechanisms

–o dsa

 all DSA mechanisms. That is:

>dsa_verify

>dsa_sign

–o sym

 all symmetric algorithm mechanisms

–o asym

 all asymmetric algorithm mechanisms

–o ec

 all EC DSA operations. That is:

>ecdsa_kgecdsa_sign

>ecdsa_verify

>ecdsa_sha1_sign

>ecdsa_sha1_verify

–o cert gen

 invokes certificate-generation and signing tests

–o dh_kg

 Diffie-Hellmann key generation mechanism

–o rng

 the random number generation mechanism

–o extra

 the following:

>des3_ses_kg: DES3 Session Key Generation/Destruction

>des3_tok_kg: DES3 Token Key Generation/Destruction

>des3_kw: DES3 Key Wrap

>cert_gen: Certificate Generation/Destruction

>ses: Session Open/Close

>obj: Object Creation/Search/Destroy

>login: Login / Logout

>xor_dk: XOR Derive Key

–o mc

 reading of the monotonic counter object
–p ––dsa–params

Parameters generated for DSA.
–q ––quick

Quick Keygen (key generation tests not performed).
–r ––random

Execute a random selection of the performance tests.
–R ––Random

Seed the random number generator. This option should be used with the –r option to generate a unique sequence of tests, otherwise the same pseudo random sequence will be repeated.

–s<slot>

––slot–num=<slot>

Specify the slot number to perform test on.

–t<seconds>

––time–period=<seconds>

Specify the measurement period. Default is 5 seconds.
–v ––verbose

Verbose (provide more information).
–x ––csv

Create a CSV (comma-separated variable) file.

–z<name>

––cryptoki–module=<name>

Optionally, specify a different cryptoki module to use. May include full path.


Customer Support Portal

SafeNet ProtectToolkit 5.5 Product Documentation  08 January 2020  Copyright 2009-2020 Gemalto. All rights reserved.